Re: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread Ben Laurie
Jeffrey Altman wrote: I think we need to take a very close look at the situations when it is safe to replace memset(buf,0,sizeof(buf)) with OPENSSL_cleanse(buf,sizeof(buf)). It is clearly safe to make this replacement when the buffer is a stack allocation because there can be no future use of

RE: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread Yoram Zahavi
Jeffrey Altman wrote: I think we need to take a very close look at the situations when it is safe to replace memset(buf,0,sizeof(buf)) with OPENSSL_cleanse(buf,sizeof(buf)). It is clearly safe to make this replacement when

Re: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread Rich Salz
However, this is not true for data structures that are located on the heap. In many cases OpenSSL provides functions that allow a buffer to be reused: XXX_init(), XXX_cleanup(), XXX_free(). This is true for several data structures. By replacing memset() with OPENSSL_cleanse() in the

Re: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread Jeffrey Altman
Rich Salz wrote: Hmm, so OpenSSL is depending on NULL being all-bytes-zero. :) Funny about that. :-) Probably a safe assumption, although theoretically you shouldn't do that. It really wouldn't matter what assumption you made. At some point there needs to be a test: Is this structure

Re: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread Geoff Thorpe
Hello, On December 9, 2002 01:17 am, Wirta Ville wrote: Just a humble opinion on that problem. How about adding a normal memset to be the last action that OPENSSL_cleanse() does? Would that make any kind of sense or improvement? That way the compiler would have to make sure OpenSSL can

Re: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread bpringlemeir
Jeffrey Altman wrote: I think we need to take a very close look at the situations when it is safe to replace memset(buf,0,sizeof(buf)) with OPENSSL_cleanse(buf,sizeof(buf)). It is clearly safe to make this [snip] Ben OPENSSL_cleanse() should be followed by a memset()? OTOH, if the

Re: Concerns about the use of OPENSSL_cleanse()

2002-12-09 Thread Richard Levitte - VMS Whacker
For y'all that have concerns about this: I'll take a look tomorrow, and see what I may have done wrong (not an excluded possibility :-)). -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN

RE: Concerns about the use of OPENSSL_cleanse()

2002-12-08 Thread Wirta Ville
Good morning great OpenSSL developers! Just a humble opinion on that problem. How about adding a normal memset to be the last action that OPENSSL_cleanse() does? Would that make any kind of sense or improvement? That way the compiler would have to make sure OpenSSL can safely expect to find a